mod_auth is one of lighttpd's (an open source web server) modules. This specific module handles authentification.
We need the following change:
Extend the semantics of require, so that it allows a mode called "valid-user-clever" that works like this:
"/" => (
"method" => "basic",
"realm" => "Example realm",
"require" => "valid-user-clever"
"clever-root" => "/var/clever_root/"
)
The behaviour will be like this. For all requests, you will first check
/var/clever_root/users/${username}
Username is of course the HTTP auth user the requests come from.
For example, suppose the user is "admin".
You verify that the file /var/clever_root/users/admin exists
If it does not exist, then nothing special is done (if user/pass is correct then you allow access, otherwise you don't, same as always).
If it does exist, it will contain a list of IP addresses (in / form). If the request comes from one of those IP addresses *and* the pass is correct, you grant access, otherwise you deny it, even if the password is correct.
Additionally, for a requested file, if the URI ends with "?isfree=1" then you check for
/var/clever_root/freefiles/${filename}
If it does NOT exist, then you proceed as always (check user/pass, etc)
If it does exist, it will contain a list of IP addresses (again, in / form). If the request comes from those IPs, then you grant access without checking user/pass. If the request comes from a different IP address you check user/pass and act appropiately.
About the filename, you just check the name itself, for example:
<[login to view URL]>
You would check
/var/clever_root/freefiles/[login to view URL]